212.70.149.4 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United Kingdom of Great Britain and Northern Ireland

Internet Service Provider: Global Communication Net Plc

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	abuse-sasl	2020-10-02 04:45:55
attack	Oct 1 14:49:30 relay postfix/smtpd\[13126\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 14:52:35 relay postfix/smtpd\[11548\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 14:55:37 relay postfix/smtpd\[9509\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 14:58:41 relay postfix/smtpd\[12747\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 15:01:42 relay postfix/smtpd\[12747\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-01 21:02:28
attackbotsspam	Oct 1 07:15:31 mx postfix/postscreen\[32761\]: PREGREET 11 after 1 from \[212.70.149.4\]:54198: EHLO User ...	2020-10-01 13:16:09
attackspam	Repeated attempts to log in (via SMTP) with numerous user/passwords (Too Many to list!)	2020-09-23 22:32:39
attackbotsspam	Repeated attempts to log in (via SMTP) with numerous user/passwords (Too Many to list!)	2020-09-23 14:50:24
attackbotsspam	Rude login attack (410 tries in 1d)	2020-09-23 06:41:41
attackbots	2020-09-22 21:59:49 dovecot_login authenticator failed for \(User\) \[212.70.149.4\]: 535 Incorrect authentication data \(set_id=server2@org.ua\)2020-09-22 22:02:50 dovecot_login authenticator failed for \(User\) \[212.70.149.4\]: 535 Incorrect authentication data \(set_id=syslog@org.ua\)2020-09-22 22:05:51 dovecot_login authenticator failed for \(User\) \[212.70.149.4\]: 535 Incorrect authentication data \(set_id=donny@org.ua\) ...	2020-09-23 03:07:33
attackspambots	2020-09-22 14:07:04 dovecot_login authenticator failed for \(User\) \[212.70.149.4\]: 535 Incorrect authentication data \(set_id=s@org.ua\)2020-09-22 14:10:12 dovecot_login authenticator failed for \(User\) \[212.70.149.4\]: 535 Incorrect authentication data \(set_id=proba@org.ua\)2020-09-22 14:13:19 dovecot_login authenticator failed for \(User\) \[212.70.149.4\]: 535 Incorrect authentication data \(set_id=read@org.ua\) ...	2020-09-22 19:16:44
attackbotsspam	Sep 21 15:25:39 srv01 postfix/smtpd\[28798\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 15:25:53 srv01 postfix/smtpd\[30927\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 15:25:59 srv01 postfix/smtpd\[28798\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 15:26:14 srv01 postfix/smtpd\[28798\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 15:28:41 srv01 postfix/smtpd\[28798\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-21 21:35:56
attackbots	Sep 21 07:01:25 relay postfix/smtpd\[12323\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 07:04:32 relay postfix/smtpd\[22716\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 07:07:39 relay postfix/smtpd\[12323\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 07:10:42 relay postfix/smtpd\[22716\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 07:13:47 relay postfix/smtpd\[12323\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-21 13:22:47
attackbots	Suspicious access to SMTP/POP/IMAP services.	2020-09-21 05:13:25
attackspam	Sep 20 17:25:36 relay postfix/smtpd\[24352\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 20 17:28:45 relay postfix/smtpd\[30809\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 20 17:31:51 relay postfix/smtpd\[27809\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 20 17:34:57 relay postfix/smtpd\[28222\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 20 17:38:03 relay postfix/smtpd\[30324\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-20 23:42:37
attackspambots	(smtpauth) Failed SMTP AUTH login from 212.70.149.4 (BG/Bulgaria/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2020-09-20 03:24:24 dovecot_login authenticator failed for (User) [212.70.149.4]:9264: 535 Incorrect authentication data (set_id=elena@xeoserver.com) 2020-09-20 03:25:14 dovecot_login authenticator failed for (User) [212.70.149.4]:50996: 535 Incorrect authentication data (set_id=elena@xeoserver.com) 2020-09-20 03:25:45 dovecot_login authenticator failed for (User) [212.70.149.4]:48428: 535 Incorrect authentication data (set_id=elena@xeoserver.com) 2020-09-20 03:26:00 dovecot_login authenticator failed for (User) [212.70.149.4]:3294: 535 Incorrect authentication data (set_id=krystal@xeoserver.com) 2020-09-20 03:26:18 dovecot_login authenticator failed for (User) [212.70.149.4]:26110: 535 Incorrect authentication data (set_id=krystal@xeoserver.com)	2020-09-20 15:32:14
attackspam	SMTP hack attempt	2020-09-20 07:27:04
attackspam	Rude login attack (311 tries in 1d)	2020-09-19 00:15:35
attackbots	2020-09-18T10:10:02.143881www postfix/smtpd[11295]: warning: unknown[212.70.149.4]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-09-18T10:13:10.450705www postfix/smtpd[11295]: warning: unknown[212.70.149.4]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-09-18T10:16:19.509004www postfix/smtpd[12739]: warning: unknown[212.70.149.4]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-18 16:21:37
attackspam	2020-09-18 01:31:55 auth_plain authenticator failed for (User) [212.70.149.4]: 535 Incorrect authentication data (set_id=backoffice@com.ua) 2020-09-18 01:35:02 auth_plain authenticator failed for (User) [212.70.149.4]: 535 Incorrect authentication data (set_id=backup@com.ua) ...	2020-09-18 06:35:54
attackspam	Sep 17 15:39:17 relay postfix/smtpd\[647\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 17 15:42:26 relay postfix/smtpd\[2450\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 17 15:45:33 relay postfix/smtpd\[1410\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 17 15:48:40 relay postfix/smtpd\[646\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 17 15:51:48 relay postfix/smtpd\[30216\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-17 22:00:47
attackspambots	2020-09-17 09:00:42 dovecot_login authenticator failed for \(User\) \[212.70.149.4\]: 535 Incorrect authentication data \(set_id=lsi@org.ua\)2020-09-17 09:03:47 dovecot_login authenticator failed for \(User\) \[212.70.149.4\]: 535 Incorrect authentication data \(set_id=live1@org.ua\)2020-09-17 09:06:54 dovecot_login authenticator failed for \(User\) \[212.70.149.4\]: 535 Incorrect authentication data \(set_id=listen@org.ua\) ...	2020-09-17 14:10:01
attackspambots	2020-09-13 10:20:23,591 fail2ban.actions [13109]: NOTICE [postfix-sasl] Unban 212.70.149.4 2020-09-14 12:15:29,614 fail2ban.actions [25284]: NOTICE [postfix-sasl] Unban 212.70.149.4 ...	2020-09-17 05:17:18
attackspambots	Sep 16 19:51:05 srv01 postfix/smtpd\[2026\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 16 19:51:23 srv01 postfix/smtpd\[4826\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 16 19:51:26 srv01 postfix/smtpd\[4828\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 16 19:51:41 srv01 postfix/smtpd\[3487\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 16 19:54:13 srv01 postfix/smtpd\[29735\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-17 01:54:38
attackbotsspam	Sep 16 11:55:57 relay postfix/smtpd\[6016\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 16 11:59:00 relay postfix/smtpd\[4318\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 16 12:02:01 relay postfix/smtpd\[4317\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 16 12:05:06 relay postfix/smtpd\[4318\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 16 12:08:08 relay postfix/smtpd\[1545\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-16 18:11:11
attack	Sep 15 18:46:14 mail postfix/smtpd\[14651\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 15 19:17:02 mail postfix/smtpd\[16092\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 15 19:20:08 mail postfix/smtpd\[16092\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 15 19:23:15 mail postfix/smtpd\[16092\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-09-16 01:30:11
attackbots	Sep 15 11:11:23 srv01 postfix/smtpd\[21833\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 11:11:39 srv01 postfix/smtpd\[18553\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 11:11:43 srv01 postfix/smtpd\[28158\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 11:11:57 srv01 postfix/smtpd\[28158\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 15 11:14:30 srv01 postfix/smtpd\[20643\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-15 17:22:20
attackbotsspam	Sep 14 15:10:00 relay postfix/smtpd\[8537\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 14 15:13:09 relay postfix/smtpd\[14091\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 14 15:16:17 relay postfix/smtpd\[14092\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 14 15:19:26 relay postfix/smtpd\[14091\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 14 15:22:33 relay postfix/smtpd\[15223\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-14 21:27:27
attackspam	For days now smtp ehlo round about every 3min. Sep 14 03:38:49 postfix/postscreen[4402]: BLACKLISTED [212.70.149.4]:47336 Sep 14 03:38:50 postfix/postscreen[4402]: PREGREET 11 after 0.93 from [212.70.149.4]:47336: EHLO User Sep 14 03:41:54 postfix/postscreen[6663]: BLACKLISTED [212.70.149.4]:4822 Sep 14 03:41:55 postfix/postscreen[6663]: PREGREET 11 after 0.79 from [212.70.149.4]:4822: EHLO User Sep 14 03:45:00 postfix/postscreen[9368]: BLACKLISTED [212.70.149.4]:27232 Sep 14 03:45:01 postfix/postscreen[9368]: PREGREET 11 after 0.99 from [212.70.149.4]:27232: EHLO User Sep 14 03:48:07 postfix/postscreen[12268]: BLACKLISTED [212.70.149.4]:48990 Sep 14 03:48:07 postfix/postscreen[12268]: PREGREET 11 after 0.06 from [212.70.149.4]:48990: EHLO User Sep 14 03:51:13 postfix/postscreen[16929]: BLACKLISTED [212.70.149.4]:6114 Sep 14 03:51:14 postfix/postscreen[16929]: PREGREET 11 after 0.06 from [212.70.149.4]:6114: EHLO User Se	2020-09-14 13:20:24
attack	Sep 13 22:59:15 relay postfix/smtpd\[18085\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 23:02:19 relay postfix/smtpd\[18086\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 23:05:24 relay postfix/smtpd\[18086\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 23:08:27 relay postfix/smtpd\[20669\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 13 23:11:31 relay postfix/smtpd\[21179\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-14 05:20:36
attack	2020-09-13T15:06:29.012761www postfix/smtpd[8699]: warning: unknown[212.70.149.4]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-09-13T15:10:02.309667www postfix/smtpd[8752]: warning: unknown[212.70.149.4]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2020-09-13T15:13:34.308061www postfix/smtpd[9012]: warning: unknown[212.70.149.4]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-13 21:19:48
attack	Rude login attack (88 tries in 1d)	2020-09-13 13:13:23
attackspambots	Sep 12 22:35:47 relay postfix/smtpd\[3374\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 12 22:39:17 relay postfix/smtpd\[3378\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 12 22:42:49 relay postfix/smtpd\[3374\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 12 22:46:22 relay postfix/smtpd\[8242\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 12 22:49:55 relay postfix/smtpd\[3378\]: warning: unknown\[212.70.149.4\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-13 04:59:22

Comments on same subnet:

IP	Type	Details	Datetime
212.70.149.134	attack	Hack	2024-03-01 15:04:53
212.70.149.72	bots	Apr 21 11:17:27 mail dovecot: auth: passwd-file(tata@example.com,212.70.149.72): unknown user (SHA1 of given password: b3aca9) Apr 21 11:17:29 mail postfix/smtps/smtpd[1933]: warning: unknown[212.70.149.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 21 11:17:34 mail postfix/smtps/smtpd[1933]: lost connection after AUTH from unknown[212.70.149.72] Apr 21 11:17:34 mail postfix/smtps/smtpd[1933]: disconnect from unknown[212.70.149.72] ehlo=1 auth=0/1 rset=1 commands=2/3 Apr 21 11:18:31 mail postfix/smtps/smtpd[1933]: connect from unknown[212.70.149.72] Apr 21 11:18:41 mail postfix/smtps/smtpd[1933]: Anonymous TLS connection established from unknown[212.70.149.72]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) Apr 21 11:19:09 mail dovecot: auth: passwd-file(cent@example.com,212.70.149.72): unknown user (SHA1 of given password: b3aca9) Apr 21 11:19:11 mail postfix/smtps/smtpd[1933]: warning: unknown[212.70.149.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 21 11:19:16 mail postfix/smtps/smtpd[1933]: lost connection after AUTH from unknown[212.70.149.72] Apr 21 11:19:16 mail postfix/smtps/smtpd[1933]: disconnect from unknown[212.70.149.72] ehlo=1 auth=0/1 rset=1 commands=2/3 Apr 21 11:22:36 mail postfix/anvil[1450]: statistics: max connection rate 1/60s for (smtps:212.70.149.72) at Apr 21 11:13:35 Apr 21 11:22:36 mail postfix/anvil[1450]: statistics: max connection count 1 for (smtps:212.70.149.72) at Apr 21 11:13:35 Apr 21 11:22:36 mail postfix/anvil[1450]: statistics: max cache size 1 at Apr 21 11:13:35	2022-04-21 11:27:10
212.70.149.72	bots	Apr 21 11:17:27 mail dovecot: auth: passwd-file(tata@example.com,212.70.149.72): unknown user (SHA1 of given password: b3aca9) Apr 21 11:17:29 mail postfix/smtps/smtpd[1933]: warning: unknown[212.70.149.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 21 11:17:34 mail postfix/smtps/smtpd[1933]: lost connection after AUTH from unknown[212.70.149.72] Apr 21 11:17:34 mail postfix/smtps/smtpd[1933]: disconnect from unknown[212.70.149.72] ehlo=1 auth=0/1 rset=1 commands=2/3 Apr 21 11:18:31 mail postfix/smtps/smtpd[1933]: connect from unknown[212.70.149.72] Apr 21 11:18:41 mail postfix/smtps/smtpd[1933]: Anonymous TLS connection established from unknown[212.70.149.72]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) Apr 21 11:19:09 mail dovecot: auth: passwd-file(cent@example.com,212.70.149.72): unknown user (SHA1 of given password: b3aca9) Apr 21 11:19:11 mail postfix/smtps/smtpd[1933]: warning: unknown[212.70.149.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 21 11:19:16 mail postfix/smtps/smtpd[1933]: lost connection after AUTH from unknown[212.70.149.72] Apr 21 11:19:16 mail postfix/smtps/smtpd[1933]: disconnect from unknown[212.70.149.72] ehlo=1 auth=0/1 rset=1 commands=2/3 Apr 21 11:22:36 mail postfix/anvil[1450]: statistics: max connection rate 1/60s for (smtps:212.70.149.72) at Apr 21 11:13:35 Apr 21 11:22:36 mail postfix/anvil[1450]: statistics: max connection count 1 for (smtps:212.70.149.72) at Apr 21 11:13:35 Apr 21 11:22:36 mail postfix/anvil[1450]: statistics: max cache size 1 at Apr 21 11:13:35	2022-04-21 11:26:44
212.70.149.71	spamattack	Mail server attack SMTP	2021-10-15 09:16:21
212.70.149.36	attackspambots	Oct 14 00:55:16 blackbee postfix/smtpd[20435]: warning: unknown[212.70.149.36]: SASL LOGIN authentication failed: authentication failure Oct 14 00:55:33 blackbee postfix/smtpd[20435]: warning: unknown[212.70.149.36]: SASL LOGIN authentication failed: authentication failure Oct 14 00:55:50 blackbee postfix/smtpd[20435]: warning: unknown[212.70.149.36]: SASL LOGIN authentication failed: authentication failure Oct 14 00:56:07 blackbee postfix/smtpd[20435]: warning: unknown[212.70.149.36]: SASL LOGIN authentication failed: authentication failure Oct 14 00:56:23 blackbee postfix/smtpd[20435]: warning: unknown[212.70.149.36]: SASL LOGIN authentication failed: authentication failure ...	2020-10-14 08:10:57
212.70.149.52	attackbotsspam	Oct 14 01:52:52 relay postfix/smtpd\[25669\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:53:17 relay postfix/smtpd\[21341\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:53:42 relay postfix/smtpd\[21341\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:54:07 relay postfix/smtpd\[25312\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:54:32 relay postfix/smtpd\[25312\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-14 07:56:35
212.70.149.20	attackbots	Oct 14 01:44:02 srv01 postfix/smtpd\[2787\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:44:04 srv01 postfix/smtpd\[2842\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:44:08 srv01 postfix/smtpd\[5647\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:44:09 srv01 postfix/smtpd\[5656\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:44:27 srv01 postfix/smtpd\[2842\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-14 07:49:33
212.70.149.83	attackspambots	2020-10-14T01:21:46.638543mail1 postfix/smtpd[4846]: warning: unknown[212.70.149.83]: SASL LOGIN authentication failed: authentication failure 2020-10-14T01:22:11.387046mail1 postfix/smtpd[4846]: warning: unknown[212.70.149.83]: SASL LOGIN authentication failed: authentication failure 2020-10-14T01:22:37.112335mail1 postfix/smtpd[4846]: warning: unknown[212.70.149.83]: SASL LOGIN authentication failed: authentication failure ...	2020-10-14 07:28:06
212.70.149.68	attack	2020-10-14 02:02:28 dovecot_login authenticator failed for \(User\) \[212.70.149.68\]: 535 Incorrect authentication data \(set_id=lupus@ift.org.ua\)2020-10-14 02:04:21 dovecot_login authenticator failed for \(User\) \[212.70.149.68\]: 535 Incorrect authentication data \(set_id=lulu@ift.org.ua\)2020-10-14 02:06:14 dovecot_login authenticator failed for \(User\) \[212.70.149.68\]: 535 Incorrect authentication data \(set_id=lst@ift.org.ua\) ...	2020-10-14 07:08:31
212.70.149.20	attack	Oct 13 21:14:01 websrv1.derweidener.de postfix/smtpd[977082]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 21:14:30 websrv1.derweidener.de postfix/smtpd[977082]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 21:14:55 websrv1.derweidener.de postfix/smtpd[977082]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 21:15:24 websrv1.derweidener.de postfix/smtpd[977082]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 21:15:54 websrv1.derweidener.de postfix/smtpd[977082]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-10-14 04:12:34
212.70.149.68	attackbotsspam	2020-10-13T17:33:20.606164mail1 postfix/smtps/smtpd[32542]: warning: unknown[212.70.149.68]: SASL LOGIN authentication failed: authentication failure 2020-10-13T17:35:16.903893mail1 postfix/smtps/smtpd[32542]: warning: unknown[212.70.149.68]: SASL LOGIN authentication failed: authentication failure 2020-10-13T17:37:13.305145mail1 postfix/smtps/smtpd[32542]: warning: unknown[212.70.149.68]: SASL LOGIN authentication failed: authentication failure ...	2020-10-13 23:44:00
212.70.149.52	attackbots	Oct 13 15:48:52 relay postfix/smtpd\[25889\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 15:49:17 relay postfix/smtpd\[32223\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 15:49:42 relay postfix/smtpd\[404\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 15:50:07 relay postfix/smtpd\[25889\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 15:50:32 relay postfix/smtpd\[27643\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-13 21:52:30
212.70.149.20	attack	SASL PLAIN auth failed: ruser=...	2020-10-13 19:36:11
212.70.149.68	attackbotsspam	Oct 13 08:55:46 mx postfix/smtps/smtpd\[14650\]: warning: unknown\[212.70.149.68\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 08:55:51 mx postfix/smtps/smtpd\[14650\]: lost connection after AUTH from unknown\[212.70.149.68\] Oct 13 08:57:39 mx postfix/smtps/smtpd\[14650\]: warning: unknown\[212.70.149.68\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 08:57:44 mx postfix/smtps/smtpd\[14650\]: lost connection after AUTH from unknown\[212.70.149.68\] Oct 13 08:59:31 mx postfix/smtps/smtpd\[14650\]: warning: unknown\[212.70.149.68\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-13 14:59:48
212.70.149.83	attackspambots	Oct 13 07:33:41 srv01 postfix/smtpd\[7058\]: warning: unknown\[212.70.149.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 07:33:43 srv01 postfix/smtpd\[11219\]: warning: unknown\[212.70.149.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 07:33:47 srv01 postfix/smtpd\[13493\]: warning: unknown\[212.70.149.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 07:33:49 srv01 postfix/smtpd\[13498\]: warning: unknown\[212.70.149.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 07:34:06 srv01 postfix/smtpd\[11219\]: warning: unknown\[212.70.149.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-13 13:47:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.70.149.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8717
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.70.149.4.			IN	A

;; AUTHORITY SECTION:
.			276	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081701 1800 900 604800 86400

;; Query time: 31 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 18 04:47:37 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 4.149.70.212.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 4.149.70.212.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.30.187	attackspambots	Fail2Ban Ban Triggered (2)	2020-02-05 01:32:13
134.73.7.253	attackbotsspam	2019-04-09 05:28:53 1hDhRN-0007mN-HP SMTP connection from plants.sandyfadadu.com \(plants.parsanezhad.icu\) \[134.73.7.253\]:40051 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-09 05:31:07 1hDhTX-0007qx-BT SMTP connection from plants.sandyfadadu.com \(plants.parsanezhad.icu\) \[134.73.7.253\]:41977 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-09 05:31:35 1hDhTy-0007rP-T9 SMTP connection from plants.sandyfadadu.com \(plants.parsanezhad.icu\) \[134.73.7.253\]:52726 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 01:35:41
106.54.126.63	attackbotsspam	Feb 4 17:55:28 lukav-desktop sshd\[4975\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.126.63 user=root Feb 4 17:55:31 lukav-desktop sshd\[4975\]: Failed password for root from 106.54.126.63 port 43482 ssh2 Feb 4 17:57:32 lukav-desktop sshd\[4996\]: Invalid user bpb from 106.54.126.63 Feb 4 17:57:32 lukav-desktop sshd\[4996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.126.63 Feb 4 17:57:34 lukav-desktop sshd\[4996\]: Failed password for invalid user bpb from 106.54.126.63 port 56780 ssh2	2020-02-05 00:53:30
139.199.113.140	attackbotsspam	Feb 4 16:54:17 v22018076622670303 sshd\[20656\]: Invalid user weblogic from 139.199.113.140 port 37650 Feb 4 16:54:17 v22018076622670303 sshd\[20656\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.113.140 Feb 4 16:54:19 v22018076622670303 sshd\[20656\]: Failed password for invalid user weblogic from 139.199.113.140 port 37650 ssh2 ...	2020-02-05 01:02:58
139.180.137.38	attackbots	2020-02-01 15:30:38 SMTP protocol synchronization error \(input sent without waiting for greeting\): rejected connection from H=\[139.180.137.38\]:63683 I=\[193.107.88.166\]:25 input="CONNECT 35.170.216.115:443 HTTP/" 2020-02-01 15:30:38 SMTP protocol synchronization error \(input sent without waiting for greeting\): rejected connection from H=\[139.180.137.38\]:63707 I=\[193.107.88.166\]:25 input="\004\001\001�\#��s" 2020-02-01 15:30:38 SMTP protocol synchronization error \(input sent without waiting for greeting\): rejected connection from H=\[139.180.137.38\]:63728 I=\[193.107.88.166\]:25 input="\005\001" ...	2020-02-05 01:09:06
134.73.87.133	attackbotsspam	2019-11-11 16:13:43 SMTP protocol error in "AUTH LOGIN" H=\(Bipidbveim\) \[134.73.87.133\]:64102 I=\[193.107.88.166\]:25 AUTH command used when not advertised 2019-11-11 16:13:44 SMTP protocol error in "AUTH LOGIN" H=\(fqfKgT\) \[134.73.87.133\]:56481 I=\[193.107.88.166\]:25 AUTH command used when not advertised 2019-11-11 16:13:45 SMTP protocol error in "AUTH LOGIN" H=\(iju5hoHIse\) \[134.73.87.133\]:58510 I=\[193.107.88.166\]:25 AUTH command used when not advertised 2019-11-11 16:13:46 SMTP protocol error in "AUTH LOGIN" H=\(c8ECeuXm\) \[134.73.87.133\]:62349 I=\[193.107.88.166\]:25 AUTH command used when not advertised 2019-11-11 16:14:59 SMTP protocol error in "AUTH LOGIN" H=\(VTwFlT\) \[134.73.87.133\]:52976 I=\[193.107.88.166\]:587 AUTH command used when not advertised 2019-11-11 16:15:00 SMTP protocol error in "AUTH LOGIN" H=\(JxkCEio\) \[134.73.87.133\]:63086 I=\[193.107.88.166\]:587 AUTH command used when not advertised 2019-11-11 16:15:01 SMTP protocol error in "AUTH LOGIN" H ...	2020-02-05 01:34:49
80.150.95.170	attackspambots	Feb 4 12:29:55 plusreed sshd[6206]: Invalid user gogs from 80.150.95.170 ...	2020-02-05 01:36:20
139.194.40.89	attack	2019-06-21 07:40:12 1heCHS-0002f6-UD SMTP connection from \(fm-dyn-139-194-40-89.fast.net.id\) \[139.194.40.89\]:38585 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-06-21 07:40:33 1heCHo-0002fT-7l SMTP connection from \(fm-dyn-139-194-40-89.fast.net.id\) \[139.194.40.89\]:38780 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-06-21 07:40:40 1heCHu-0002fY-Qf SMTP connection from \(fm-dyn-139-194-40-89.fast.net.id\) \[139.194.40.89\]:38841 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 00:56:36
138.68.142.122	attack	2019-05-07 11:08:35 1hNw5T-0007K7-NU SMTP connection from jeans.bridgecoaa.com \(null.technoandy.icu\) \[138.68.142.122\]:41731 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-05-07 11:09:14 1hNw66-0007Mr-Kd SMTP connection from jeans.bridgecoaa.com \(cats.technoandy.icu\) \[138.68.142.122\]:51735 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-05-07 11:10:28 1hNw7I-0007Py-G4 SMTP connection from jeans.bridgecoaa.com \(shaken.technoandy.icu\) \[138.68.142.122\]:56823 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 01:13:30
45.32.126.7	attackspambots	Wordpress_xmlrpc_attack	2020-02-05 01:17:11
103.12.199.38	attack	Feb 4 14:50:18 grey postfix/smtpd\[12047\]: NOQUEUE: reject: RCPT from unknown\[103.12.199.38\]: 554 5.7.1 Service unavailable\; Client host \[103.12.199.38\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[103.12.199.38\]\; from=\ to=\ proto=ESMTP helo=\<\[103.12.199.38\]\> ...	2020-02-05 01:33:58
139.194.8.146	attackspam	2019-10-24 05:26:46 1iNTlu-0003fd-0X SMTP connection from \(fm-dyn-139-194-8-146.fast.net.id\) \[139.194.8.146\]:49551 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-10-24 05:27:02 1iNTm9-0003fx-At SMTP connection from \(fm-dyn-139-194-8-146.fast.net.id\) \[139.194.8.146\]:49695 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-10-24 05:27:09 1iNTmG-0003gd-DT SMTP connection from \(fm-dyn-139-194-8-146.fast.net.id\) \[139.194.8.146\]:49769 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 00:54:35
222.186.42.136	attackspambots	Feb 4 18:19:38 legacy sshd[30518]: Failed password for root from 222.186.42.136 port 22931 ssh2 Feb 4 18:19:39 legacy sshd[30518]: Failed password for root from 222.186.42.136 port 22931 ssh2 Feb 4 18:19:42 legacy sshd[30518]: Failed password for root from 222.186.42.136 port 22931 ssh2 ...	2020-02-05 01:26:02
139.193.214.10	attack	2019-04-10 01:18:19 H=\(fm-dyn-139-193-214-10.fast.net.id\) \[139.193.214.10\]:25038 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-04-10 01:18:33 H=\(fm-dyn-139-193-214-10.fast.net.id\) \[139.193.214.10\]:25135 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-04-10 01:18:39 H=\(fm-dyn-139-193-214-10.fast.net.id\) \[139.193.214.10\]:25195 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-04-10 09:59:06 1hE88P-0005cr-Bp SMTP connection from \(fm-dyn-139-193-214-10.fast.net.id\) \[139.193.214.10\]:17713 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-10 09:59:17 1hE88a-0005dA-TC SMTP connection from \(fm-dyn-139-193-214-10.fast.net.id\) \[139.193.214.10\]:17802 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-10 09:59:29 1hE88n-0005dP-4D SMTP connection from \(fm-dyn-139-193-214-10.fast.net.id ...	2020-02-05 01:03:25
112.1.64.254	attackspambots	Unauthorized connection attempt detected from IP address 112.1.64.254 to port 2220 [J]	2020-02-05 01:03:53

Recently Reported IPs

221.226.29.194	198.98.58.127	123.205.245.111	202.74.239.140
126.36.91.6	91.132.146.158	54.174.52.134	180.249.165.239
123.191.206.65	45.169.140.34	24.234.114.110	60.37.9.219
180.76.51.143	148.23.176.222	119.45.32.110	116.106.16.243
190.146.241.22	118.89.231.121	117.69.177.219	49.7.20.86